On Fri, 2014-05-09 at 20:27 -0400, Richard Guy Briggs wrote:
Generate and assign a serial number per namespace instance since
boot.
Use a serial number per namespace (unique across one boot of one kernel)
instead of the inode number (which is claimed to have had the right to change
reserved and is not necessarily unique if there is more than one proc fs) to
uniquely identify it per kernel boot.
Signed-off-by: Richard Guy Briggs <rgb(a)redhat.com>
---
+/**
+ * ns_serial - compute a serial number for the namespace
+ *
+ * Compute a serial number for the namespace to uniquely identify it in
+ * audit records.
+ */
+unsigned long long ns_serial(void)
+{
+ static DEFINE_SPINLOCK(serial_lock);
+ static unsigned long long serial = 4; /* reserved for IPC, UTS, user, PID */
+ unsigned long flags;
+
+ spin_lock_irqsave(&serial_lock, flags);
+ ++serial;
+ spin_unlock_irqrestore(&serial_lock, flags);
+ BUG_ON(!serial);
+
+ return serial;
+}
+
static inline struct nsproxy *create_nsproxy(void)
{
struct nsproxy *nsproxy;
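Review bot: the value returned from ns_serial() is read outside the lock, so the serial numbers are not actually unique. After `++serial;` and `spin_unlock_irqrestore(&serial_lock, flags);` the function does `return serial;`, re-reading the shared static; two callers can both unlock and then both read the later value, and the `BUG_ON(!serial)` likewise tests the static rather than the value this caller produced. Copy the new value into a local while still holding the lock (`ret = ++serial;`), drop the lock, then check and return `ret`. With a 64-bit counter incremented once per namespace, the zero check on wraparound is effectively unreachable anyway, so consider whether it earns its place.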
atomic64_t instead of doing it yourself?
and why _irqsave() ? Can we seriously create new namespaces in irq
context? If you use the atomic though, you don't have to worry about
it...
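The two points raised above, the unlocked read in the posted ns_serial() and the atomic64_t alternative, are easier to see with a userland stand-in. The following is an added example, not code from the patch or from either participant: it models the hunk's lock/increment/unlock/read sequence with a pthread mutex and the suggested atomic counter with C11 stdatomic (atomic_fetch_add as the userland analogue of atomic64_inc_return), then hammers both from several threads and counts duplicate serials. All names (serial_ctr, racy_ns_serial, atomic_ns_serial, count_duplicate_serials) are this example's own, and the thread counts are arbitrary.

```c
/* Added example (not kernel code): userland model of the patch's ns_serial()
 * versus the reviewer's atomic64_t suggestion. Names below are hypothetical. */
#include <pthread.h>
#include <stdatomic.h>
#include <stdio.h>
#include <stdlib.h>

/* One counter object per test so each run starts fresh at 4, as in the hunk. */
struct serial_ctr {
    pthread_mutex_t lock;
    unsigned long long locked_serial;          /* protected by lock */
    _Atomic unsigned long long atomic_serial;  /* lock-free variant */
};

static void serial_ctr_init(struct serial_ctr *c)
{
    pthread_mutex_init(&c->lock, NULL);
    c->locked_serial = 4;
    atomic_init(&c->atomic_serial, 4);
}

/* Mirrors the posted hunk: increment under the lock, then read the shared
 * variable again after unlocking. Two callers can each unlock and then both
 * observe the later value, so returned serials are not guaranteed unique. */
static unsigned long long racy_ns_serial(struct serial_ctr *c)
{
    pthread_mutex_lock(&c->lock);
    ++c->locked_serial;
    pthread_mutex_unlock(&c->lock);
    return c->locked_serial;   /* racy: re-reads shared state without the lock */
}

/* Reviewer's suggestion: a single atomic increment whose result is the value
 * this caller produced (kernel equivalent: atomic64_inc_return). No lock and
 * no irq state to save. */
static unsigned long long atomic_ns_serial(struct serial_ctr *c)
{
    return atomic_fetch_add(&c->atomic_serial, 1) + 1;
}

struct worker {
    struct serial_ctr *ctr;
    unsigned long long (*fn)(struct serial_ctr *);
    unsigned long long *out;
    size_t n;
};

static void *worker_run(void *arg)
{
    struct worker *w = arg;
    for (size_t i = 0; i < w->n; i++)
        w->out[i] = w->fn(w->ctr);
    return NULL;
}

static int cmp_ull(const void *a, const void *b)
{
    unsigned long long x = *(const unsigned long long *)a;
    unsigned long long y = *(const unsigned long long *)b;
    return (x > y) - (x < y);
}

/* Call fn from nthreads threads, per_thread times each, and return how many
 * of the collected serials collide with another one (0 means all unique). */
static size_t count_duplicate_serials(unsigned long long (*fn)(struct serial_ctr *),
                                      int nthreads, size_t per_thread)
{
    struct serial_ctr ctr;
    size_t total = (size_t)nthreads * per_thread, dups = 0;
    unsigned long long *vals = malloc(total * sizeof *vals);
    pthread_t *tids = malloc((size_t)nthreads * sizeof *tids);
    struct worker *ws = malloc((size_t)nthreads * sizeof *ws);

    serial_ctr_init(&ctr);
    for (int t = 0; t < nthreads; t++) {
        ws[t] = (struct worker){ &ctr, fn, vals + (size_t)t * per_thread, per_thread };
        pthread_create(&tids[t], NULL, worker_run, &ws[t]);
    }
    for (int t = 0; t < nthreads; t++)
        pthread_join(tids[t], NULL);

    qsort(vals, total, sizeof *vals, cmp_ull);
    for (size_t i = 1; i < total; i++)
        if (vals[i] == vals[i - 1])
            dups++;

    pthread_mutex_destroy(&ctr.lock);
    free(vals); free(tids); free(ws);
    return dups;
}

int main(void)
{
    /* The racy count is nondeterministic; a nonzero value shows the hazard. */
    printf("lock-then-unlocked-read duplicates: %zu\n",
           count_duplicate_serials(racy_ns_serial, 8, 200000));
    printf("atomic fetch-add duplicates:        %zu\n",
           count_duplicate_serials(atomic_ns_serial, 8, 200000));
    return 0;
}
```

The fix for the locked version is the same as for the kernel hunk: capture `++c->locked_serial` into a local before unlocking and return that. The atomic form avoids the question entirely, which is why it is the cleaner answer for a monotonically increasing identifier.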